Vupen ITSec found 0day in Windows 8

French security researcher firm and famous bug hunters at Vupen announced that it had already developed an exploit that could take over a Window 8 machine running Internet Explorer 10, in spite of the many significant security upgrades Microsoft built into the latest version of its operating system.

Windows 8 operating system released last week, and now Microsoft itself has not been aware of security vulnerabilities available in release.
Bug+Hunters+have+Windows+8+Zeroday+Exploit
We welcome #Windows 8 with various 0Ds combined to pwn all new Win8/IE10 exploit mitigations,” Vupen posted on Twitter.
Bekrar’s claim follows up on his promise earlier in the month that Vupen would be ready to compromise Windows 8 immediately upon its launch: “Windows 8 will be officially released by MS on Oct 26th, we’ll release to customers the 1st exploit for Win8 the same day #CoordinatedPwnage
“The in-depth technical details of the flaws will be shared with our customers and they can use them to protect their critical infrastructures against potential attacks or for national security purposes,” Bekrar wrote in an email to Forbes. They can sell the exploit even for offensive suppose. Anyway, Windows 8 features several hardware-level security updates, in addition to Secure Boot which uses UEFI rather than a traditional BIOS and loads the Early Launch Antimalware (ELAM) driver.

 

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s